Kaspersky Lab Used by Russia as a Tool to Spy on the U.S.

Software from Russian-based Kaspersky Lab has been used to steal sensitive and classified National Security Agency (NSA) data from an NSA contractor’s personal computer, according to the Wall Street Journal.

The 2015 hack apparently happened when the contractor took the data from the NSA and loaded it onto his computer, which contained Kaspersky antivirus software. Allegedly, the software enabled Russian hackers to see his files. The hack has not been disclosed by the government, noted the Wall Street Journal.

The Washington Post reported that the contractor, a U.S. citizen born in Vietnam, worked for the division of the NSA that creates tools to break into computers overseas for the purpose of gathering intelligence. The employee, who was sacked in 2015, probably did not take the materials for malicious purposes such as handing them to a foreign spy agency, The Washington Post noted.

A New York Times article details how Israeli intelligence officers looked on in real time as Russian government hackers searched computers for the code names of American intelligence programs.

Interestingly, neither the Wall Street Journal nor the Washington Post addressed the issue of why the employee took classified information home on his laptop.

Equally as interesting, the reports provide no information about how an NSA employee’s laptop could be hacked so easily, nor why it took a year for the hack to be disclosed. Plus, neither newspaper provided any evidence of Kaspersky Lab working directly for the Russian secret service.

In a statement, Kaspersky said:

“Kaspersky Lab has not been provided any evidence substantiating the company’s involvement in the alleged incident reported by the Wall Street Journal on October 5, 2017, and it is unfortunate that news coverage of unproven claims continue to perpetuate accusations about the company. 

“However, as the trustworthiness and integrity of our products are fundamental to our business, we are seriously concerned about the article’s implications that attackers may have exploited our software. We reiterate our willingness to work alongside U.S. authorities to address any concerns they may have about our products and respectfully request any relevant information that would enable the company to begin an investigation at the earliest opportunity. 

“As a private company, Kaspersky Lab does not have inappropriate ties to any government, including Russia, and the only conclusion seems to be that Kaspersky Lab is caught in the middle of a geopolitical fight.”

Last month, the U.S. Government, Best Buy, and Office Depot suspended business with Kaspersky, as we reported in a blog.

The government issued a binding directive that federal civilian agencies identify Kaspersky software on their networks, and remove it after 90 days, unless otherwise directed.

The Department of Homeland Security (DHS) said it was “concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks,” DHS said in a statement.

Cross Posted from VIPRE

Support